The qmail Handbook
by Dave Sill
ISBN:1893115402Apress
2002 (492 pages)This guide begins with a
discussion of qmail???s history,
architecture and features,
and then goes into a
thorough investigation of the
installation and configuration
process.
Table of Contents
The qmail Handbook
Introduction
Chapter 1
- Introducing qmail
Chapter 2
- Installing qmail
Chapter 3
- Configuring qmail: The
Basics
Chapter 4
- Using qmail
Chapter 5
- Managing qmail
Chapter 11
- Hosting Virtual Domain
and Users
Chapter 12
- Understanding Advanced
Topics
Appendix A
- How qmail Works
Appendix B
- Related Packages
Appendix C
- How Internet Mail Works
Appendix D
- qmail Features
Appendix E
- Error Messages
Appendix F
- Gotchas
Index
Back Cover
Provides thorough instruction for installing,
configuring, and optimizing qmail
Includes coverage of secure networking,
troubleshooting issues, and mailing list
administration
Covers what system administrators want to know
by concentrating on qmail issues relevant to daily
operation
Includes instructions on how to filter spam before it
reaches the client
The qmail Handbook
will guide system and mail
administrators of all skill levels through installing,
configuring, and maintaining the qmail server. Author
Dave Sill, a long-time qmail user and system
administrator, as well as the author of the popular
online tutorial ???Life with qmail,??? exposes readers to all
practical aspects of working with this popular mail
server.
This definitive guide begins with a discussion of qmail???s
history, architecture, and features and then goes into a
through investigation of the installation and
configuration process. Readers will learn how to install
qmail on several operating systems and gain valuable
insight into proper configuration, testing procedures,
and performance tuning, all of which are integral to a
properly functioning production environment mail
operation and maintenance. Throughout, Sill focuses
on topics essential to all mail administrators,
elaborating upon such subjects as configuring mailing
list managers, controlling spam, secure networking,
scanning for viruses, hosting virtual domains and
users, and creating dial-up clients.
The qmail Handbook
is the ultimate resource for
administrators and developers needing to master the
functionality of the powerful qmail software.
About the Author
The qmail Handbook
DAVE SILL
Copyright ?? 2002 by Dave Sill
All rights reserved. No part of this work may be reproduced or transmitted in any form or by any means, electronic or mechanical, including
photocopying, recording, or by any information storage or retrieval system, without the prior written permission of the copyright owner and the publisher.
ISBN (pbk): 1-893115-40-2
Printed and bound in the United States of America 12345678910 Trademarked names may appear in this book. Rather than use a
trademark symbol with every occurrence of a trademarked name, we use the names only in an editorial fashion and to the benefit of the trademark owner, with no intention of infringement of the trademark.
Editorial Directors: Dan Appleman, Gary Cornell, Jason Gilmore, Karen Watterson
Technical Reviewer: Charles Cabazon
Project Manager: Grace Wong
Copy Editor: Kim Wimpsett
Production Editor: Sofia Marchant
Compositor: Impressions Book and Journal Services, Inc.
Indexer: Ron Strauss
Cover Designer: Tom Debolski
Distributed to the book trade in the United States by Springer-Verlag New York, Inc.,175 Fifth Avenue, New York, NY, 10010
and outside the United States by Springer-Verlag GmbH & Co. KG, Tiergartenstr. 17, 69112 Heidelberg, Germany
In the United States, phone 1-800-SPRINGER, email
<orders@springer-ny.com>, or visit http://www.springer-ny.com.
Outside the United States, fax +49 6221 345229, email
<orders@springer.de>, or visit http://www.springer.de. For information on translations, please contact Apress directly at 901 Grayson Street, Suite 204, Berkeley, CA 94710.
Phone 510-549-5938, fax: 510-549-5939, email <info@apress.com>, or visit http://www.apress.com.
The information in this book is distributed on an "as is" basis, without warranty. Although every precaution has been taken in the preparation of this work, neither the author nor Apress shall have any liability to any person or entity with respect to any loss or damage caused or alleged to be caused directly or indirectly by the information contained in this work. The source code for this book is available to readers at
http://www.apress.com in the Downloads section. You will need to answer questions pertaining to this book in order to successfully
download the code. For my mother
Acknowledgments
Thanks to dan bernstein for giving us qmail and many other packages including the daemontools and ucspi-tcp support utilities. Thanks also to the many people who helped make my online guide "Life with qmail" what it is today and to the members of the qmail mailing list who have helped me learn a great deal about qmail over the years.
him; Grace Wong, for managing the project; Kim Wimpsett, for turning my crude writings into clear and consistent text; Tory McLearn and Sofia Marchant, for laying out the book; Stephanie Rodriguez, for her
marketing efforts; and the many others behind the scenes who I didn't deal with directly. Working with Apress was a joy: They were supportive and committed to producing a high-quality book.
Thanks to Charles Cazabon, the technical reviewer. His suggestions were valuable and dramatically improved the quality of the finished product. This will come as no surprise to anyone who has seen his contributions to the qmail list.
Finally, special thanks to my family and friends who encouraged,
supported, and tolerated me throughout the project. My wife, Mary Jane, convinced me to write this book even though she knew it would be painful for the family at times. My children Andy, Rachel, and Erica
enthusiastically supported me and helped out in many ways. Andy tested the installation instructions in Chapter 2 on four Linux distributions and three BSD distributions. My father took over most of my chores around the house and farm for six months in addition to his usual cooking and house/dog/kid-sitting duties. My mother has supported me throughout my life. Her strength is inspiring. Many other friends and family members supported this effort. Some are acknowledged throughout the book in the names used in examples, but I'm sure I left some out.
???Dave Sill, September 2001
About the Author
About the Technical Reviewer
Charles Cazabon is a software systems developer with 15 years of
experience in computing and information technology. He has been using and configuring qmail since 1998 and is the author of several free
Introduction
This book documents how to install, configure, and use qmail. It will be most beneficial to system, network, and mail administrators, but it will also be helpful to users who want to read and send e-mail more
What Can You Expect to Learn from This Book?
You can expect to learn the following:What qmail is, what it can do, and what it can't do
How to install and configure a basic qmail server, including various support utilities
How to use qmail as a regular user: controlling the disposition of incoming messages, formatting outgoing messages, and working with mailboxes in multiple formats
How to manage a qmail server: setting up aliases, users, virtual domains, and mailing lists; troubleshooting; performance tuning; and controlling junk mail and other abuse
Organization
Chapter 1, "Introducing qmail," describes qmail and its features. Read it if you're not sure exactly what qmail is or what it can do for you. It also describes the overall organization of the qmail suite, compares qmail to other Unix mailers, and lists other sources of qmail information and support.
Chapter 2, "Installing qmail," describes step-by-step the installation of qmail on a wide range of operating system distributions, including commercial Unix variants, Linux, and various Berkeley Software Distributions (BSDs).
Chapter 3, "Configuring qmail: The Basics," shows how to configure qmail for a variety of basic functions.
Chapter 4, "Using qmail," covers how users read and send messages.
Chapter 5," Managing qmail," covers the qmailctl script, queue management, and administrative commands.
Chapter 6, "Troubleshooting qmail," shows how to monitor the qmail processes, understand the log files, analyze message headers, conduct tests, and diagnose common problems.
Chapter 7, "Configuring qmail: Advanced Options," shows how to
configure qmail for a variety of typical configurations, migrate Sendmail systems to qmail, and use source-code modifications. It also shows how to use the QMTP and QMQP protocols, enable secure networking, and improve the performance of your qmail system.
Chapter 8, "Controlling Junk Mail," covers methods for dealing with unwanted mail at both the system and user levels.
Chapter 10, "Serving Mailboxes," shows how to provide remote access to users' mailboxes via the POP3 and IMAP protocols.
Chapter 11, "Hosting Virtual Domains and Users," covers two popular qmail add-ons for managing virtual domains and virtual users: VmailMgr and Vpopmail.
Chapter 12, "Understanding Advanced Topics," explains from a qmail perspective some advanced topics such as scalable server "farms," accessing user information via LDAP or SQL, and the Variable Envelope Return Path (VERP) mechanism that qmail uses for reliable automatic bounce handling.
The appendices cover: How qmail works Related packages
How Internet mail works qmail's features
Audience
This book is aimed at anyone interested in running qmail, from the rank amateur (newbie) who just installed Linux on a spare computer all the way up to the experienced system administrator or mail administrator. However, installing, configuring, and maintaining a mailer is a complex task. If you're not an experienced system administrator, you probably shouldn't attempt to switch an existing mail system with thousands of users to qmail until you're comfortable with using and managing Unix systems.
If you're a complete Unix/Linux newbie, you should start with a good introduction to Unix for users such as The Unix Operating System by Kaare Christian. While you're reading that book, experiment on your own system. Until you actually do the tasks you've read about, you won't really understand what you're doing and you'll probably forget most of it before you really need it.
If you're an experienced Unix/Linux user, but you're not familiar with system administration, many good books are available. The best is
probably Unix System Administration Handbook by Nemeth, et al., which covers most of the common Unix variants, including Solaris, HP-UX, Red Hat Linux, and FreeBSD. If possible, select one specific to the variant of Unix or Linux that you'll be using. Although all flavors of Unix look pretty similar to users, they differ substantially in the details of system
Conventions
This book uses certain typographical conventions to help convey information clearly and concisely.
Double quotes ("") are used to indicate an unusual meaning for a common word, such as "bounce."
Italics are used to introduce new terms, like injection, or simply for
emphasis. Italics are also used to indicate variables, like /user/ for a user name or /concurrencylocal/ for a configuration setting.
Text that appears in a fixed-width typeface, such as qmail-send or <kayleigh@example.com>, represents a filename, command name, username, e-mail address, domain name, code sample, or Uniform Resource Locator (URL).
A directive to run a single command that should not produce any output looks like:
touch .qmail
If a command must be performed by the superuser (UID 0), the hash (#) shell prompt is used:
# touch /var/qmail/alias/.qmail-root
If a command should be performed by a non-privileged user, the dollar sign ($) shell prompt is used:
$ touch .qmail
If an example mixes user input and command output, user input is printed in bold:
$ date
Web Site
For the latest information on errata or to download the scripts used in
Highlights
Andy wants to send an e-mail message to his friend Josh. He opens his mail client, clicks on New Mail, enters Josh's address in the To field, fills in the Subject field with a short description of the message, and types the message into the large editing area of the form. When he's done, he
clicks on the Send button. As far as he's concerned, the message is sent, but behind the scenes, complicated machinery whirs to life. A thousand tiny steps will be executed on Andy's behalf by processes on various systems between Andy and Josh???who could be in the same room or half a world away.
The Internet Message Transfer Agent (MTA) is the key player in the
behind-thscenes mail infrastructure???it's the machinery that moves e-mail from the sender's system to the recipient's system.
Before the Internet explosion in the early 1990s, one MTA, Sendmail, was responsible for delivering almost all of the mail. But Sendmail was designed for an Internet unlike the modern Internet. At the time Sendmail was created, there were only a handful of systems on the entire Internet, and most of the people online knew each other. It was a friendly,
cooperative community that consisted mostly of the people who wrote the software that made the Internet work or managed the hardware that it connected. Security was not a major concern: There was not much that needed protection, and there were few potential "bad guys" from which to be protected.
The modern Internet is very different. It's millions of times larger, so knowing all the other administrators and users is impossible. In fact, it's accessible by anyone with access to a public library. Billions of dollars in business and consumer commerce takes place annually over the
year.
The Sendmail developers have worked hard over the years to enhance its security and performance, but there's only so much that can be done without a fundamental redesign. In 1995, Daniel J. Bernstein, then a mathematics graduate student at the University of California, Berkeley, began designing and implementing an MTA for the modern Internet: qmail.
While Sendmail is one huge, complex program that performs its various functions as the superuser (the all-powerful Unix root account), qmail is a suite of small, focused programs that run under different accounts and don't trust each other's input to be correct.
While Sendmail plods through a list of recipients delivering one message at a time, qmail spawns twenty or more deliveries at a time. And because qmail's processes are much smaller than Sendmail's, it can do more work faster, with fewer system resources. Further, Sendmail can lose
Overview
This chapter introduces the concept of the MTA and discusses one particular MTA, qmail:
First, we'll examine the role of the MTA in the Internet e-mail infrastructure.
Next, we'll look at qmail???what it does and why you might want to use it.
qmail's main design goals were security, reliability, performance, and simplicity. We'll see how qmail's creator was able to achieve these goals.
We'll also compare qmail to other popular Unix MTAs such as Sendmail, Postfix, Courier, and Exim.
Next, we'll look at qmail's features, history, architecture, and distribution license.
What Is qmail?
qmail is an Internet MTA for Unix and Unix-like operating systems. An MTA's function is twofold: to accept new messages from users and deliver them to the recipient's systems, and to accept messages from other systems, usually intended for local users.
Users don't usually interact directly with MTAs; they use Mail User Agents (MUAs)???the familiar mail programs such as Outlook Express, Eudora, Pine, or Mutt that users run on their desktop systems. Figure 1-1 shows how all of these agents interact with each other.
Figure 1-1: How the sender, recipient, MUA, and MTA interact
Why Use qmail?
Your operating system included an MTA, probably Sendmail, so if you're reading this book you're probably looking for something better. Some of the advantages of qmail over bundled MTAs include security,
performance, reliability, and simplicity.
Security
qmail was designed with high security as a goal. Sendmail has a long history of serious security problems. When Sendmail was written, the Internet was a much friendlier place. Everyone knew everyone else, and there was little need to design and code for high security. Today's Internet is a much more hostile environment for network servers.
qmail creator Bernstein is so confident that qmail is secure that he guarantees it. In his guarantee
(http://cr.yp.to/qmail/guarantee.html/), he even offers $500 to the first person who can find a security bug in qmail. He first made this offer in March of 1997, and the money remains unclaimed.
qmail's secure design stems from seven rules, discussed in the following sections.
Programs and Files Are Not Addresses, So Don't Treat
Them as Addresses
Sendmail blurred the distinction between addresses (users or aliases) and the disposition of messages sent to those addresses???usually mailbox files or mail-processing programs. Of course, Sendmail tries to limit which files and programs can be written to, but several serious security vulnerabilities have resulted from failures in this mechanism. One simple exploit consisted of sending a message to a nonexistent user on a Sendmail system with a return address of:
This would cause Sendmail to generate a bounce message and attempt to send it to the return address. In this case, the return address was a command that mailed a copy of the victim's password file to the attacker. In qmail, addresses are clearly distinguished from programs and files. It's not possible to specify a command or filename where qmail expects an address and have qmail deliver to it.
Do as Little as Possible in setuid Programs
The Unix setuid() mechanism is clever and useful. It allows a program run by one user to temporarily assume the identity of another user. It's usually used to allow regular users to gain higher privileges to execute specific tasks.
Tip Check out the man pages for more information about setuid(). The command man setuid should display the setuid()
documentation.
That's the good news about setuid(). The bad news is that it's hard to write secure and portable setuid() programs. What makes it hard to secure setuid() programs is that they run an environment specified by the user. The user controls the settings of environment variables,
resource limits, command-line arguments, signals, file descriptors, and more. In fact, the list is open-ended because new operating system releases can add controls that didn't exist before. And it's difficult for programmers to defend against features that don't yet exist.
In qmail, there's only one module that uses setuid(): qmail-queue. Its function is to accept a new mail message and place it into the queue of unsent messages. To do this, it assumes the identity of the special user ID (UID) that owns the queue.
Do as Little as Possible as Root
be done as root, qmail minimizes the potential for abuse.
Two qmail modules run as root: qmail-start and qmail-lspawn.
qmail-start needs root access to start qmail-lspawn as root, and
qmail-lspawn needs to run as root so it can start qmail-local
processes under the UID of local users accepting delivery of messages. (The "Architecture" section of this chapter covers these in more detail.)
Move Separate Functions into Mutually Untrusting
Programs
MTAs perform a range of relatively independent tasks. Some MTAs such as Sendmail are monolithic, meaning they consist of a single program that contains all the code to implement all of these tasks. A security problem such as a buffer overflow in one of these functions can allow an attacker to take control of the entire program.
qmail uses separate programs that run under a set of qmail-specific UIDs, compartmentalizing their access. These programs are designed to mistrust input from each other. In other words, they don't blindly do what they're told: They validate their inputs before operating on them.
Compromising a single component of qmail doesn't grant the intruder control over the entire system.
Don't Parse
Parsing is the conversion of human-readable specifications into machine-readable form. It's a complex, error-prone process, and attackers can sometimes exploit bugs in parsing code to gain unauthorized access or control.
qmail's modules communicate with each other using simple data
structures that don't require parsing. Modules that do parse are isolated and run with user-level privileges.
As a general rule, smaller code is more secure. All other things being equal, there will be more bugs in 100,000 lines of code than in 10,000 lines of code. Likewise, code loaded with lots of built-in features will have more bugs than clean, simple, modular code.
qmail's modular architecture???in addition to compartmentalizing access??? facilitates the addition of features by plugging in interposing modules rather than by complicating the core code.
Write Bug-Free Code
Who would intentionally write buggy code? Nobody would, of course. But programmers are human and naturally lazy. If there's a library function available to perform a particular task, they usually won't write their own code to do the same thing.
Available to C programmers is a large set of library functions called the standard C library or the C runtime library. This library contains lots of useful functions for manipulating character strings, performing input and output, and manipulating dates and times. Unfortunately, many
implementations of this library are insecure. They were not designed with security in mind, and they have not been audited to identify and correct problems.
To work around the variable quality of C library implementations and ensure safe and consistent behavior on all platforms, qmail includes its own I/O and string libraries.
Performance
If Sendmail is asked to deliver a message to 2,000 recipients, the first thing it will do is look up the mail exchanger (MX) for each recipient in the Domain Name System (DNS), the distributed database of Internet host names. Next it will sort the list of recipients by their MX. Finally, it will sequentially connect to each MX on the list and deliver a copy of the message addressed to recipients at that MX. Because the DNS is
stage of the delivery to take 15 minutes or more.
If qmail is asked to deliver the same message to the same 2,000 recipients, it will immediately spawn multiple copies of the
qmail-remote and qmail-local programs???up to 20 of each by default??? which will start delivering the messages right away. Of course, each of these processes has to do the same MX lookups that Sendmail does, but because qmail does it with multiple processes, it wastes much less time. Also, because qmail doesn't have to wait for all of the lookups to
complete, it can start delivering much sooner. The result is that qmail is often done before Sendmail sends the first message.
You can get Sendmail to use multiple processes to send messages, such as by splitting the delivery into smaller pieces and handing each off to a different Sendmail process. Future versions of Sendmail may even
include such a feature. However, because of qmail's modular design, it's able to parallelize delivery much more efficiently: Each qmail-remote or qmail-local process is a fraction of the size of a Sendmail process.
Reliability
Once qmail accepts a message, it guarantees that it won't be lost.
Bernstein calls this a "straight-paper-path philosophy," referring to printer designs that avoid bending pages as they pass through the printer to minimize jamming. In qmail it refers to the simple, well-defined, carefully designed route that messages take through the system. Even if the system loses power with undelivered messages in the queue, once power is restored and the system is restarted, qmail will pick up where it left off without losing a single message. qmail guarantees that once it accepts a message, it won't be lost, barring catastrophic hardware failure.
qmail also supports a new mailbox format called maildir that works reliably without locking???even over Network File System (NFS)???and even with multiple NFS clients delivering to the same mailbox. And, like the queue, maildirs are "crash proof."
practice? In the five years since its release, there have been no
confirmed reports on the qmail mailing list of messages lost by qmail. There have also been no bugs discovered that cause any of the qmail daemons to die prematurely. That says a great deal about the reliability designed into the program and the quality of the code that implements that design.
Simplicity
qmail is much smaller than any other full-featured MTA. This is because of three characteristics: its clever design, its carefully selected set of features, and its efficient implementation in code. Table 1-1 compares qmail's size to other MTAs.
Table 1-1: Size Comparison of Unix MTAs
MTA VERSION SIZE (IN BYTES)
Sendmail 8.11.3 303212
Postfix 20010228-pl02 240370
Exim 3.22 302236
Courier 0.33.0 668945
qmail 1.03 80025
The size of each MTA was calculated by extracting only the code files (files ending in .c, .C, or .h), stripping all comments and unnecessary white space (spaces, tabs, and blank lines), bundling them into a single tar file, and compressing the resultant tar file with gzip to compensate for variations in the lengths of variable, function, and filenames.
Clean Design
Most MTAs have separate forwarding, aliasing, and mailing-list
mechanisms. qmail does all three with one simple mechanism that also allows for defined aliases, managed mailing lists, and user-managed virtual domains.
Sendmail has a range of delivery modes: interactive, background, queue, and defer, some of which trade reliability for performance. qmail only has one delivery mode: queued, which is optimized for reliability and
performance.
Sendmail has complex logic built-in to implement system load limits. qmail limits the system load by limiting the number of modules it allows to run, which is much simpler and more reliable.
Frugal Feature Set
The modular architecture of qmail makes it possible to add features to the core functionality by re-implementing modules or adding new
interposing modules between existing modules. This allows qmail to remain lean and simple while still providing a mechanism for the addition of new features by programmers and system administrators.
Efficient Coding
Why
Not
Use qmail?
qmail has many advantages over other MTAs, but like any solution to a complex problem, it's not optimized for all possible scenarios. qmail was designed for well-connected hosts: those with high-speed, always-on network connectivity. Although it can be adapted through the use of the serialmail package to perform quite well on systems with slow or dial-on-demand connections, other MTAs that trade performance for bandwidth efficiency, such as Postfix, might be better suited for such installations.
Comparing qmail to Other Mailers
Table 1-2 compares qmail to some of the most common Unix MTAs.
Table 1-2: Common Unix MTAs
MTA MATURITY SECURITY FEATURES PERFORMANCE SENDMAIL-LIKE
qmail Medium High High High Add-ons
Sendmail High Low High Low ???
Postfix Medium High Medium High Yes
Exim Medium Low High Medium Yes
Courier Low Medium High Medium Optional
Sendmail-like means that the MTA behaves like Sendmail in some ways that would make a switch from Sendmail to the alternative MTA more user-transparent, such as the use of .forward files, /etc/aliases, and delivery to /var/spool/mail.
Cameron Laird's Web page compares these and other free and commercial MTAs
Sendmail
For many years, Sendmail (http://www.sendmail.org/) was simply the Unix MTA. Sure, there were alternatives such as Smail, ZMailer, and MMDF, but Sendmail was by far the most widely used. The others offered limited advantages???Smail was lightweight, ZMailer was modular and had high performance???but every Unix distribution included Sendmail. It was powerful, mature, and the de facto standard.
By the early to middle 1990s, though, it was showing its age. There was a long line of well-publicized and frequently exploited security holes, many of which resulted in remote attackers obtaining root access to the system. The booming popularity of the Internet was driving up the rate of mail deliveries beyond Sendmail's capabilities. And although Sendmail is configurable, its configuration file syntax is legendary. One standard joke is that sendmail.cf entries are indistinguishable to the casual observer from modem line noise???strings of random characters.
Sendmail has now gone commercial???in addition to the free distribution??? and continues to be actively maintained and developed. Sendmail fans like to point to its recent security track record as evidence of its security, but Sendmail's do-everything-as-root-in-one-program design is inherently insecure. All the holes in the dike might be plugged at the moment, but it might be considered imprudent to believe that others won't spring up in the future.
Nothing short of a redesign will bring Sendmail up to modern standards of security, reliability, and efficiency.
Postfix
Wietse Venema, author and coauthor of several free security-related software packages including TCP Wrappers, SATAN, and logdaemon wrote Postfix (http://www.postfix.org/) because he wasn't happy with any of the available Unix MTAs???including qmail. Postfix is a
Compared to qmail, Postfix is larger, more complicated, less secure, less reliable, and almost as fast. While Postfix and qmail are both modular, all of Postfix's modules run under the same user, so compromising one module could compromise the entire system. The goal of compatibility with Sendmail's user interface has limited the extent to which Venema could innovate and has saddled Postfix with Sendmail baggage like the ill-defined and hard-to-parse .forward file syntax.
Overall, Postfix is a good, solid MTA that can substitute well for qmail in most applications. If you don't demand the highest levels of security and performance, you might want to experiment with both and use the one most comfortable to you.
Courier
Sam Varshavchik, author of the Courier-IMAP daemon often used with qmail, wrote Courier (http://courier.sourceforge.net/)
because he wasn't happy with any of the available Unix MTAs???including qmail and Postfix.
Courier is an integrated suite of mail servers that provide SMTP/ESMTP, IMAP, POP3, Web mail, and mailing-list services. Most MTAs only
provide SMTP/ESMTP service. qmail includes a POP3 server. Courier's IMAP server is often used with qmail because it supports qmail's maildir mailbox format.
Courier is still in beta release. The author considers it reliable and essentially complete, but not fully mature.
Exim
qmail Features
qmail is a full-featured MTA. It handles all of the traditional functions of an MTA including SMTP service, SMTP delivery, queuing and queue
management, local delivery, and local message injection. It includes a POP3 server and support for aliases, mailing lists, virtual users, virtual domains, and forwarding. Following is a quick summary of qmail's major features. A more detailed feature list is provided in Appendix D, "qmail Features."
Setup Features
The setup process includes building, installing, and configuring the programs in the qmail suite.
qmail automatically adapts to the system it's being built on, so no porting is required. During the installation, qmail automatically configures itself for basic functionality. It installs easily and doesn't require lots of
decision-making. It's configured using a set of simple control files-not a monolithic, cryptic configuration file.
Security Features
Mail is a publicly accessible service on the local system and via the Internet. Because of this, great care must be taken to ensure that it doesn't open the system to attacks that could compromise the local system's integrity or allow damage to or disclosure of files, including mailboxes.
qmail clearly distinguishes between deliveries to addresses, files, and programs, which prevents attackers from overwriting files or executing arbitrary programs. It uses minimal setuid() code: only one module, which runs setuid() to a qmail-specific UID. It also uses minimal superuser code: Only two modules run with system privileges. Trust
actions, which can be useful for incident analysis. Complete SMTP dialogues and copies of all messages sent and received can also be saved.
Message Construction
qmail provides utilities that help users construct new mail messages that conform to Internet standards and provide the control that users demand. qmail includes a sendmail command for Sendmail compatibility with scripts and programs that send mail messages. It supports long header fields limited only by system memory. qmail also supports host and user masquerading, allowing local users and hosts to be hidden from the public.
SMTP Service
As an MTA, one of qmail's primary functions is to provide SMTP service to other MTAs and MUAs.
qmail complies with the relevant Internet standards and is 8-bit clean, so messages with non-ASCII characters won't be rejected or damaged. It detects "looping" messages by counting delivery hops, and if aliases on two or more hosts create an infinite loop, qmail will detect and break the loop. qmail supports "blacklisting" sites known to abuse mail service. Also, it doesn't alter existing message header fields.
Queue Management
Another critical MTA function is storing and retrying temporarily
undeliverable messages. The structure that stores these messages is called a queue.
To speed the delivery of messages, qmail supports multiple concurrent local and remote deliveries. Each successful delivery is recorded to disk to prevent duplicates in the event of a crash, and the queue is crash proof, so no mail is lost from the queue. The queue is also self-cleaning: Partially injected messages are automatically removed.
Bounces
When messages are undeliverable, either locally or remotely, senders are notified by mail. When a message is returned in this manner, it's said to have "bounced."
qmail's bounce messages are clear and direct for human recipients, yet easily parsed by bounce-handling programs. qmail also supports
"double" bounces: Undeliverable bounce messages are sent to the postmaster.
Routing by Domain
Controlling the routing of e-mail messages based on the recipient's domain name is often useful and facilitates complex mail systems and the hosting of multiple domains on a single server.
qmail supports host name aliases: The local host can use multiple names. It also supports virtual domains: hosted domains with
independent address spaces. Domains can even be "wildcarded," which means that multiple sub-domains can be handled with a single
configuration setting.
qmail even supports, optionally, Sendmail-style routed addresses such as
molly%mail.example.com@isp.example.net, which means "deliver the message to molly@mail.example.com through
isp.example.net."
SMTP Delivery
qmail's SMTP client complies with the relevant Internet standards and is 8-bit clean, so messages with non-ASCII characters can be sent
undamaged. It also automatically detects unreachable hosts and waits an hour before trying them again. qmail supports "hard-coded" routes that allow the mail administrator to override the routes specified in DNS.
Forwarding and Mailing Lists
Forwarding incoming messages and supporting mailing lists are common MTA functions.
qmail supports Sendmail-style .forward files using the dot-forward package and high-performance forwarding using the fastforward package. Sendmail /etc/aliases compatibility is also supported through the fastforward package.
Automatic "-owner" support allows list owners to receive the bounces from a mailing list, and Variable Envelope Return Path (VERP) support enables the reliable automatic identification of bad addresses on mailing lists.
Mail administrators and users can use address wildcarding to control the disposition of messages to multiple addresses. qmail uses the Delivered-To header field to automatically and efficiently prevent alias "loops."
Local Delivery
qmail supports a wide range of local delivery options using its built-in Mail Delivery Agent (MDA) and user-specified MDAs.
Users control their own address space: User lucy has complete control over mail to lucy-anything@domain.
custom scripts, and so on.
POP3 Service
Although it's not formally a service provided by MTAs, qmail includes a POP3 server for providing network access to mailboxes.
History
Bernstein, now a math professor at the University of Illinois in Chicago, created qmail. Bernstein is also well known for his work in the field of cryptography and for his lawsuit against the U.S. government regarding the publishing of encryption source code.
The first public release of qmail, beta version 0.70, occurred on January 24, 1996. The first gamma release, 0.90, was on August 1, 1996.
Version 1.0, the first general release, was announced on February 20, 1997. The current version, 1.03, was released on June 15, 1998.
Architecture
This section outlines the logical and physical organization of the qmail system.
Modular System Architecture
Internet MTAs perform a variety of tasks. Earlier designs such as Sendmail and Smail are monolithic. They have one large, complex program that "switches hats." In other words, the program puts on one hat to be an SMTP server, another to be an SMTP client, another to inject messages locally, yet another to manage the queue, and so on.
qmail is modular. A separate program performs each of these functions. As a result, the programs are much smaller, simpler, and less likely to contain functional or security bugs. To further enhance security, qmail's modules run with different privileges, and they don't trust each other. In other words, they don't assume the other modules always do only what they're supposed to do. Table 1-3 describes each of qmail's modules.
Table 1-3: The qmail Modules
MODULE FUNCTION
qmail-smtpd Accepts/rejects messages via SMTP
qmail-inject Constructs a message and queues it usingqmail-queue qmail-queue Places a message in the queue
qmail-
rspawn/qmail-remote Handles remote deliveries
qmail-clean Cleans the queue
However, there's also a down side to the modular approach. Unlike a monolithic MTA, the interactions between modules are well defined, and modules only exchange the minimum necessary information with each other. This is generally good, but sometimes it makes it hard to perform certain tasks. For example, the Sendmail -v flag causes Sendmail to print a trace of its actions to standard output for debugging purposes. Because one Sendmail program handles injection, queuing, alias
processing, .forward file processing, and remote forwarding via SMTP, it is able to easily trace the entire delivery. The equivalent capability in qmail doesn't exist and would require substantial code changes and additional complexity to implement the passing of the "debug" flag from module to module and the outputting of the debugging information.
File Structure
/var/qmail is the root of the qmail file structure. You can change this when qmail is being built, but it's a good idea to leave it so other
administrators know where to find things. If you really want to relocate some or all of the qmail tree, it's better to use symbolic links. See
Chapter 2, "Installing qmail," for an example of how to do this. Table 1-4
lists the top-level directories.
Table 1-4: The Top-Level /var/qmail Directories DIRECTORY CONTENTS
alias .qmail files for system-wide aliases
bin Program binaries and scripts
boot Startup scripts
control Configuration files
doc Documentation, except man pages
queue The queue of unsent messages
users The qmail-users database (optional)
Note A frequently asked question (FAQ) is "Why is qmail installed under /var?" The answer, available at the qmail site
(http://cr.yp.to/qmail/faq/install.html#whyvar), explains that /var is appropriate because most of the files under
/var/qmail are system-specific. Chapter 2, "Installing qmail," shows how to relocate branches of the /var/qmail tree
under other parts of the file system using symbolic links.
Queue Structure
Appendix A, "How qmail Works," discusses the details of queuing more thoroughly, but even if you don't care about how qmail works internally, you should be familiar with the organization of the queue. Table 1-5
describes the layout of the queue.
Table 1-5: Queue Subdirectories SUBDIRECTORY CONTENTS
bounce Permanent delivery errors
info* Envelope sender addresses
intd Envelopes under construction by qmail-queue
local* Local envelope recipient addresses
lock Lock files
mess* Message files
pid Used by number qmail-queue to acquire an inode
remote* Remote envelope recipient addresses
Note Directories marked with an asterisk (*)contain a series of split subdirectories named "0", "1", ..., up to (confsplit-1), where conf-split is a compile-time configuration setting contained in the file conf-split in the build directory. It defaults to 23. The purpose of splitting these directories is to reduce the number of files in a single directory on very busy servers.
Files under the mess subdirectory are named after their inode number. What this means is that you can't manually move them using standard Unix utilities like mv, dump/restore, and tar. There are
user-contributed utilities on the Web that will rename queue files correctly after they've been moved or restored (http://www.qmail.org/).
Caution It is not safe to modify queue files while qmail is running. If you want to modify the queue, then stop qmail first, alter the queue carefully, and then restart qmail. Chapter 5,
"Managing qmail," covers queue management.
Pictures
There is a series of files in /var/qmail/doc with names starting with
PIC. These are textual "pictures" of various situations that qmail handles. They show the flow of control through the various modules and are
helpful for debugging and creating complex configurations. Table 1-6
describes these files.
Table 1-6: PIC Files
FILENAME SCENARIO
PIC.local2aliasLocally injected message delivered to a localalias
PIC.local2ext Locally injected message delivered to anextension address
PIC.local2rem Locally injected message delivered to a remote address
PIC.local2virt Locally injected message delivered to anaddress on a local virtual domain PIC.nullclient A message injected on a null client
PIC.relaybad A failed attempt to use the local host as a relay
License
qmail is copyrighted by the creator and is not distributed with a statement of users' rights. However, he outlines what he thinks your rights are under U.S. copyright law (http://cr.yp.to/softwarelaw.html), and he grants the right to distribute qmail source code
(http://cr.yp.to/qmail/dist.html). Binary distributions are also allowed (http://cr.yp.to/qmail/var-qmail.html).
The bottom line is that you can use qmail for any purpose, you can
redistribute unmodified qmail source distributions and qualifying var-qmail binary distributions, and you can distribute patches to qmail. You cannot distribute modified qmail source code or non-var-qmail binary
distributions.
Is qmail free software? Yes and no. It's available to anyone who wants it for free. Once one has it, one can do whatever one wants with it,
including modifying the source code???except one can not redistribute modified qmail source code or binary qmail distributions that don't qualify as var-qmail packages.
These redistribution restrictions anger some free software activists who are used to being able to modify software as they see fit for their favorite Linux or Berkeley Software Distribution (BSD) distributions, but Bernstein feels strongly that they're necessary for two reasons:
His reputation is at stake if someone distributes a qmail
distribution with modifications that introduce reliability, security, or efficiency bugs.
Documentation
There is a wide selection of documentation available for qmail, including the man pages that come with the source-code distribution and various online sources.
Man Pages
The qmail distribution comes with a complete set of man pages. After installation, they're in /var/qmail/man. You'll probably need to add that directory to your MANPATH environment variable so you can easily view them. Table 1-7 describes how to set MANPATH using different shells.
Table 1-7: Setting MANPATH SHELL COMMAND
Bourne
(/bin/sh) MANPATH=$MANPATH:/var/qmail/man; exportMANPATH
Bash, Korn export MANPATH=$MANPATH:/var/qmail/man
C Shell setenv MANPATH $MANPATH:/var/qmail/man
At this point, commands in the format man name-of-qmail-man-page should display the appropriate man page. The man pages are also
available online in HTML format
(http://www.qmail.org/mail/index.html).
Note The qmail man pages are loaded with information, but they require careful reading because they're written in a dense, technical style.You might want to print a set and read it through once to familiarize yourself with what's there and where it is. Little information is repeated on multiple pages, so if you don't know where something is covered, it can be hard to find it.
The qmail distribution includes a series of documents installed under
/var/qmail/doc. They include the following:
FAQ contains common questions with answers.
INSTALL* contains installation documentation.
PIC.* contains descriptions of how qmail performs key tasks. See the "Architecture" section for more information.
These documents, and various other installation-related documentation, are also available online
(http://www.qmail/org/man/index.html).
FAQs
There are two official FAQs:
/var/qmail/doc/FAQ is the plain text version.
http://cr.yp.to/qmail/faq.html is the online HTML version.
The HTML version is more complete and is updated more often.
Official qmail Site
The primary source of information is the official qmail site maintained by Bernstein (http://cr.yp.to/qmail.html).
This site includes
A description of qmail A list of qmail's features
Documentation for specialized configurations A list of large sites using qmail
Changes in recent versions of qmail Plans for the future
Pointers to related packages
Unofficial qmail Site
The unofficial qmail site (http://www.qmail.org/) is an
indispensable resource for qmail managers and users. Topics covered include
User-contributed add-ons
A list of providers of commercial support for qmail A collection of handy tips
Information about virus detection and spam prevention User-contributed documentation
List Archives
The qmail e-mail mailing list, maintained by Bernstein, is a valuable source of troubleshooting information. A Web archive of the list messages ( http://www.ornl.gov/its/archives/mailing-lists/qmail/) also has a search engine (
http://www-archive.ornl.gov:8000/).
Support
Although qmail includes excellent documentation, and users have
published many helper documents, there are times when you just need to ask an expert. There are two main channels for support: Internet mailing lists and hired consultants.
Mailing Lists
A mailing list is just a list of e-mail addresses accessible through a single address. Some lists are open (anyone can post to them), some are
closed (only members can post), and some are moderated (the list owner must approve all postings).
To join a mailing list, one usually sends a request by e-mail to a special subscription address. Some lists require the message to contain a
specially formatted subscribe command. It's considered good etiquette to join a list before posting to it, even if it's open. It's also a good idea to wait a few days before posting to become familiar with how the list works. Mailing lists are potentially valuable resources, but they're not perfect. Unless the list is moderated, anyone can reply to a question-whether they know what they're talking about or not. You might get advice from the world's foremost authority on the topic or someone who has no idea what they're talking about. It's critical to evaluate all free advice carefully
before taking action.
The following lists reside on the host list.cr.yp.to and are managed by the ezmlm list manager, which uses different addresses to perform different functions:
<listname@list.cr.yp.to>: The submission address. Messages sent here go out to all members of the list. Do not send subscribe/unsubscribe requests here: They won't work, and you'll annoy the subscribers.
a list of command addresses and general usage information. <listname-subscribe@list.cr.yp.to>: Send a blank message here to subscribe.
<listname-unsubscribe@list.cr.yp.to>: Send a blank message here to unsubscribe.
To specify the address to be added or removed-for example,
rachel@example.com-send a message to:
listname-subscribe-rachel=example.com@list.cr.yp.to
For more mailing lists hosted at cr.yp.to, see the complete listing (http://cr.yp.to/lists.html).
qmail@list.cr.yp.to
This is the main qmail mailing list. It's open and unmoderated, so
discussion and questions/answers on everything related to qmail (except related packages with their own lists) are appropriate. Read the FAQ and search the list archives before posting a question. When you ask
questions, try to include sufficient details to make it possible for people to respond. Doing this will improve the likelihood of receiving a useful,
timely response.
Try also to include sufficient information to answer the following questions:
What did you do? What's your configuration? Include unedited
qmail-showctl output if you're not sure what's important. What actions did you take? Be specific: Show the commands you ran and include copies of your startup scripts. Don't just say what you did, show what you did.
What did you expect to happen? What was the outcome you were trying to achieve? Don't assume that the other subscribers can guess.
clippings and copies of messages with headers. Don't just say, "It didn't work."
qmailannounce@list.cr.yp.to
This is the qmail announcement mailing list. New releases are
announced here. Only Bernstein posts to it, so there's no submission address. Messages from this list are rare.
serialmail@list.cr.yp.to
This list is for discussion of the serialmail package. It's open and
unmoderated, so the same tips that apply for the qmail list work here, too.
ezmlm@list.cr.yp.to
This list is for discussion of the ezmlm mailing-list manager. It's open and unmoderated, so the same tips that apply for the qmail list work here, too. Archives are available online (http://marc.theaimsgroup.com/? l=ezmlm&r=1&w=2).
Hired Consultants
Although mailing lists can be great resources, they're somewhat limited. Because they're free, nobody is obligated to respond promptly-or even at all. And there are limits to what unpaid helpers will do.
If your mail system is down and you need it back now, you want to
implement a new feature, or you want someone to configure a system to your specifications and you don't have the expertise to do it in-house, hiring a qmail expert is the way to go. Because qmail is free and doesn't include a warranty, a support contract is also a good way to satisfy
Conclusion
At this point, you know that qmail is a modern Internet MTA suitable for replacing Sendmail and other Unix MTAs where security, reliability, and efficiency are important. You've learned why it's secure, reliable, and efficient, and you know its major features, its history, and its architecture. And you know where to get help running it: the available documentation, mailing lists, Web sites, and consultants.
In Chapter 2, "Installing qmail," you'll learn how to install a complete qmail system suitable for applications ranging from a single-user
Highlights
This chapter covers installing qmail. If you're an experienced system administrator, you can install qmail following the directions in the source distribution's INSTALL file. The INSTALL directions are the "official" installation directions. However, these directions assume you are an experienced system and mail administrator; further, they're outdated because the current qmail distribution predates the current support packages.
The installation instructions presented in this chapter represent the current practices supported by qmail creator Daniel J. Bernstein and the qmail mailing list at the time of this writing. Check the book's Web site for further updates (http://www.apress.com).
Overview
This chapter describes how to install qmail.
First, we'll talk about some of the things you should think about and preparations you should make before installing qmail. Then, we'll summarize the installation procedure for the impatient-or those who've already installed qmail using the detailed procedure.
Next, we'll go through a detailed, step-by-step installation procedure.
Preparing to Install qmail
Before you start installing qmail, you need to make some decisions about how you want to install it. Do you want to install a prebuilt package for your particular operating system? Or perhaps you want to install a
source-code package like an RPM? Maybe you want to install qmail from the basic source-code tar file (tarball)? And where do you want to install it?
Even if you're an old hand at installing software, you should consider these issues carefully because qmail is unique in several ways that might affect your decisions.
Binary or Source Code?
Because of qmail's restrictive licensing regarding the distribution of prebuilt packages, qmail is usually installed from a source-code distribution.
If you're not familiar with the distinction between source code and
binaries, imagine ordering a pizza delivered to your house. The "binary" version of the pizza arrives ready to eat. The "source-code" version of the pizza comes as a kit containing flour, yeast, cheese, sauce, toppings, and directions for cooking the pizza. Source-code installations are a little
more work for you, but if you follow the directions carefully, the result is the same???or even better. And you'll know a lot more about your pizza and how it works.
Tarball or Operating System-Specific Package?
Some operating systems provide a mechanism for automating source-code installations. Returning to the pizza analogy, they make it possible to package the ingredients and directions in such a way that you can just push a button and have the pizza bake itself.
In practice, this might not be such a good idea. Assembling these
packages can be fairly difficult, and they might not work as intended. Like any software, they can have bugs. But even if these assemblies are bug free, the convenience they provide comes at a cost. You lose most of the advantages of the self-baked pizza, such as the ability to adjust the
toppings to your personal preferences, the knowledge of how the pizza was made, and the knowledge of how it works.
If qmail was a pizza, the self-building approach might still be the way to go. But it's not: It's a fairly complex system that the installer/maintainer needs to understand pretty well to be able to keep it working smoothly. The self-installing qmail is easier to install than the user-installed version, but the user-installed version is easier to configure and troubleshoot. Configuring and installing from source code will also give you a greater understanding of how qmail works. You install qmail once on a system, but you will probably have several opportunities to reconfigure or debug it.
That's why installing qmail from scratch using the source-code tarball, not a Red Hat RPM or other self-installing bundle, is recommended. If you still want to install from RPM, it's covered in the "Installing from RPMs" section.
Choosing a Mailbox Format and Location
Messages received for final delivery are stored in a mailbox???a file or directory that contains messages delivered to a local address and owned by the user responsible for that address. The locations and formats of mailboxes vary depending upon the transfer, user, and delivery agents involved.
One of the most important decisions you'll make when installing qmail is the location and format of mailboxes. You basically have three choices:
mbox mailboxes under /var/spool/mail or some other central spool directory
maildir mailboxes under the user's home directory
A fourth possibility, maildir mailboxes in a central spool directory, is not commonly used except in virtual user configurations, which is covered in
Chapter 11, "Hosting Virtual Domains and Users." There are
compatibility, security, convenience, and performance tradeoffs with each of these choices, so we'll look into them more deeply.
The Mbox Mailbox Format
Traditionally, Unix mailboxes have been stored in a centralized location, usually /var/spool/mail or some variation, in a simple, single file format called mbox. In an mbox mailbox, messages are prefixed with a line that looks like a From header field. The mbox man page describes the format in detail.
This is an example of a message in mbox format:
From jessica@blossom.example.net Fri Mar 09 12:00:39 2001-03-09 Return-Path: <jessica@blossom.example.net>
Delivered-To: erica@bubbles.example.com
Received: (qmail-queue invoked from smtpd); 9 Mar 2001 12:00:38 -0000 Received: from blossom.example.net (200@10.10.10.12)
by bubbles.example.com with SMTP; 09 Mar 2001 12:00:38 -0000
Received: (qmail 16464 invoked by uid 200); 9 Mar 2001 12:00:38 -0000 MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit
Message-ID: <15017.2418.646410.788141@blossom.example.net> Date: Fri, 9 Mar 2001 08:00:37 -0500 (EST)
From: Jessica <jessica@blossom.example.net> To: erica@bubbles.example.com
Subject: Movie tonight
Want to go see a movie tonight?
The first line of the mbox, starting with the word From, is the mbox prefix line. If a message contains any other lines starting with From, the line must be escaped by prefixing it with a greater-than sign (>) as in the next-to-last line in the example.
Pros
mbox mailboxes are supported by almost all Unix MUAs???and are the only format supported by some of them. If you're migrating a system using mboxes to qmail, you might want to stick with the mbox format to avoid the need to convert existing mailboxes to the maildir format and to avoid compatibility issues with the MUAs your users are already using. Cons
Because all messages are stored in a single file, mboxes require careful locking to prevent simultaneous updating by multiple user agents???which can result in mailbox corruption. The escaping of message lines starting with From is distracting to the user and interferes with message
checksums and digital signatures. Also, there are several variants of the mbox format, as described in the mbox man page, and all MDAs and MUAs operating on a mailbox must use the same variant for reliable operation.
The Maildir Mailbox Format
qmail introduced the maildir mailbox format specifically to address the weaknesses of the mbox format. A maildir mailbox is, as the name
suggests, a directory containing three subdirectories. Each message in a maildir is stored in a separate file in one of the three subdirectories,
depending on the message's state. The three subdirectories are
tmp for messages in the process of being delivered
new for messages that have been delivered but not yet seen by the recipient
Note Empty maildirs can be created using the maildirmake
command, which must be run as the owner of the mailbox, not root. Most operating systems support a "skeleton" directory whose contents are copied to the home directories of new users. If you configure your qmail system to default to maildir delivery, it's a good idea to include a maildir directory in the skeleton directory. The traditional name for a user's primary maildir mailbox is Maildir.You can use any name you like, but Maildir is unlikely to result in confusion about the intended format of the mailbox.
Note One important difference between mboxes and maildirs is that qmail will not automatically create maildirs at the time of
delivery. Be sure to create maildir mailboxes in advance or deliveries will be deferred.
Pros
No locking is required to limit simultaneous access by multiple user agents???even for maildirs accessed via Network File System (NFS). Because each message is stored in a separate file, there's no need for a message prefix or escaping lines starting with From.
Cons
The maildir format is relatively new, and some MUAs don't support it. If all mail-box access will be via Post Office Protocol (POP) or Internet Mail Access Protocol (IMAP), this isn't an issue because you can use POP and IMAP daemons that support maildirs. If you're migrating from mboxes to maildirs, you'll have to ensure that the MUAs you provide support maildirs, and you might want to convert the existing mboxes to maildirs.
Mailbox Location
Traditionally, each user's incoming mailbox is stored in a central spool directory such as /var/spool/mail, /usr/spool/mail, or
because of holes in setuid() delivery agents and improper permissions on the mail spool directory, which let users take ownership of other users' mailboxes.
To avoid these problems, the default location for a user's mailbox under qmail is in their home directory. You can configure most MUAs through an environment variable or configuration file to accommodate this change.
Table 2-1 shows how to specify the mailbox location.
Table 2-1: Specifying Mailbox Location Using an Environment Variable MAILBOX
FORMAT MAILBOX LOCATION VARIABLE SETTING
mbox /var/spool/mail/usernameMAIL /var/spool/mail/
mbox $HOME/Mailbox MAIL $HOME/Mailbox
maildir $HOME/Maildir MAILDIR $HOME/Maildir
maildir /var/spool/mail/usernameMAILDIR /var/spool/mail/
Where to Put the Files?
Where should the binaries go? Where should the man pages go? The configuration files? The queue?
Every system administrator and operating system has different ideas about where the various pieces of a package belong. qmail is quite
flexible about where these different pieces reside, but it wants all of them to be accessible from a single master directory. By default, everything will be installed under /var/qmail. You could change the master directory to /usr/local/qmail or whatever else you'd like, but by leaving it alone you make it easier for other people familiar with qmail to support your installation.
qmail makes a strong case for locating the master directory on the /var
file system in the online qmail frequently asked questions (FAQ). The
requirement for location in /var because their contents are system specific and should not be shared between machines. Because qmail compiles information about its various user IDs into the binaries, the bin
subdirectory is also system specific. The remaining subdirectories ???boot, doc, and man???are not system specific, but they're small, so they can be left in /var in most cases.
If you really want to make qmail conform to some preferred directory structure, the best way to accomplish that is to put the master directory in
/var/qmail but relocate the subdirectories using symbolic links. Figure 2-1 shows how to do this.
Figure 2-1: Using symbolic links under /var/qmail
The following installation instructions include an example of such a reorganization.
Requirements for the Location of the Queue
Because of its high reliability, qmail imposes some requirements on the file system used to contain the queue.
Must Be Local
Must Perform link() Calls Synchronously
qmail assumes that when it executes a link() call the metadata
(directory and inode information) for the new link is safely written to disk. This is not true for all file systems and operating systems. File systems known to meet this requirement include
BSD Fast File System (FFS) without "softupdates" FFS variants like Solaris or Tru64 UFS
File systems that don't meet this requirement include Linux Ext2
BSD FFS with softupdates SGI XFS
ReiserFS
There are a couple of Ext2-specific workarounds. First, the file system can be mounted with the "sync" option to cause all operations on the file system to be performed synchronously, or directly to disk. This can have a negative impact on performance, though, because it allows no caching, even when it could be done safely, and because it applies to all programs writing anywhere on the file system???not just qmail. Somewhat less
drastic is to use the chattr command to set the S attribute on all of the queue subdirectories. That still prevents some safe caching, but at least it only affects qmail.
There are better workarounds that work on most file systems.
One is syncdir (http://www.untroubled.org/syncdir/), a library that provides versions of the standard library functions that modify
Packages," for detailed instructions.
Another workaround that may be right for you is a patch
(http://www.jedi.claranet.fr/qmail-link-sync.patch) that adds explicit fsync() calls to synchronize the metadata. See Chapter 7, "Configuring qmail: Advanced Options," for more details about using patches.
Must Not Reside on a Disk Drive with Write Caching Enabled
This requirement is also somewhat tricky to determine. In general, Small Computer Systems Interface (SCSI) disks are less likely to enable write caching???unless the disk device driver requests it. Integrated Drive Electronics (IDE) drives are more likely to enable write caching by default.
Support Utilities
Like all systems of similar size and complexity, qmail requires???or at least works better with???the support of several system utilities. Traditionally, the network service "super server," inetd, is usually used to handle
accepting connections on well-known ports and invoking the appropriate daemons associated with those ports. The logging service, Syslog,
accepts messages from daemons, timestamps them, and writes them to a log file.
Unfortunately, these standard Unix utilities have some serious limitations. Luckily, Bernstein has designed replacements that address these
problems. Although it's possible to use qmail with inetd and Syslog, it's not recommended even for "casual" installations.
Network Service
What's wrong with inetd? It handles many services on thousands of servers with-out any obvious problems, right? That's true, but not all of its problems are obvious. Most high-volume network services on Unix
inetd lacks a connection limit. There's no way to limit the
number of active connections to a port. On a busy server, normal traffic levels can cause inetd to spawn more copies of a
daemon than the system can handle. Denial-of-service attacks are easily perpetrated against services managed by inetd.
inetd implements a connection-rate limit. If connections come "too fast" to a particular port, inetd reports that the service "may be looping" and disables it for some period of time. This is
disastrous on a busy server???shutting it down at its busiest time. Some versions of inetd allow the maximum connection rate to be configured, but some don't. It also allows attacker
